CVE-2021-3146

Published Apr 8, 2021

Last updated 4 years ago

CVSS high 7.8

Overview

Description: The Dolby Audio X2 (DAX2) API service before 0.8.8.90 on Windows allows local users to gain privileges.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 4.6
Impact score: 6.4
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-426

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3E5EA9AD-1E84-4AB5-A1EF-3B9F2AC84755"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2013:-:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "27EF8DB7-D5A0-47A8-9F69-7D0259490D69"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_c\\+\\+:2005:sp1:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "882CDAE9-EC03-48E6-814C-50236B8F0B93"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_c\\+\\+:2008:sp1:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A4E0021F-ABB9-4FB4-BC1C-5098F2E66371"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_c\\+\\+:2010:-:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8510550C-3A26-4BB3-A5F3-11D591DD0CE6"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio:2005:sp1:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9271AF1C-9B1C-4ADB-9F54-E63EBA2910F9"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:sp1:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9AB2C8C4-7E86-4736-9CE4-2E65E4EDBF02"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio:2010:-:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4F4DFC93-9533-4893-B634-0551CDE7D252"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "85959AEB-2FE5-4A25-B298-F8223CE260D6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:dolby:audio_x2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3EC4CE97-1834-4AAD-B6CE-C6833060ADB8",
            "versionEndExcluding": "0.8.8.90"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References